Skip to content

Fix granular marking selectors for nested STIX sub-objects (#585)#644

Open
arpitjain099 wants to merge 1 commit into
oasis-open:masterfrom
arpitjain099:chore/granular-marking-nested-selector
Open

Fix granular marking selectors for nested STIX sub-objects (#585)#644
arpitjain099 wants to merge 1 commit into
oasis-open:masterfrom
arpitjain099:chore/granular-marking-nested-selector

Conversation

@arpitjain099

Copy link
Copy Markdown

Adding a granular marking with a selector that points into a STIX sub-object gets rejected even when the selector is valid. For example the STIX 2.1 spec (7.2.3.1) uses external_references.[0].source_name, but add_markings(TLP_GREEN, "external_references.[0].source_name") raises InvalidSelectorError.

The cause is in iterpath in stix2/markings/utils.py: it only recurses when a value is a dict, but STIX sub-objects like ExternalReference are collections.abc.Mapping instances and not dict subclasses, so the nested path is never generated and validation then treats the valid selector as invalid. This switches the two type checks to collections.abc.Mapping.

Added a regression test in test_granular_markings.py that marks external_references.[0].source_name; it fails on master and passes with this change, and the existing v20/v21 marking tests still pass. Fixes #585.

iterpath only recursed into dict values, but STIX sub-objects like
ExternalReference are collections.abc.Mapping instances and not dict
subclasses, so selectors such as external_references.[0].source_name
were never generated and validation rejected them. Switch the two
type checks in iterpath to collections.abc.Mapping. Fixes oasis-open#585.

Signed-off-by: arpitjain099 <arpitjain099@gmail.com>
@CLAassistant

CLAassistant commented Jul 1, 2026

Copy link
Copy Markdown

CLA assistant check
All committers have signed the CLA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Granular marking selector validation is incorrect

2 participants